<?php

/************************************************************************/
/* ajaxBlocksEditor   v1.31+                                             */
/* Module for phpnuke                                                   */
/* Copyright (C) 2006 aman                                              */
/* Web:   http://www.aman.38.com/phpnuke/                               */
/* Email: aman@aman.38.com   2006-03-23 01:04                           */
/* =====================================================================*/
/************************************************************************/
/* PHP-NUKE: Web Portal System                                          */
/* ===========================                                          */
/*                                                                      */
/* Copyright (c) 2005 by Francisco Burzi                                */
/* http://phpnuke.org                                                   */
/*                                                                      */
/* This program is free software. You can redistribute it and/or modify */
/* it under the terms of the GNU General Public License as published by */
/* the Free Software Foundation; either version 2 of the License.       */
/************************************************************************/


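// Refuse direct requests: the including admin script is expected to define ADMIN_FILE.
if (!defined('ADMIN_FILE')) {
	die ("Access Denied");
}

global $prefix, $db, $admin_file;

// Layout switch read from a client cookie. Cast to int so the numeric comparisons
// made later ($StandAlone < 1, == 1, > 0) never depend on string juggling.
$StandAlone = (isset($_COOKIE['standalone']))? intval($_COOKIE['standalone']) : 1;
// Raw query-string values; the dispatcher hands them to ajaxBlocksDelete().
$bids = (isset($_GET['bids']))? $_GET['bids'] : "";
$ok = (isset($_GET['ok']))? $_GET['ok'] : "";

// Self URL built from the configured admin file name, like the other links in this
// file. $_SERVER['PHP_SELF'] also carries client-supplied path info, and this value
// is echoed into HTML attributes and inline script by ajaxmain().
$SELF = $admin_file.".php?op=ajaxBlocksEditor";

// NOTE(review): $aid is not assigned in this file; presumably the including admin
// script sets it for the logged-in admin and escapes it. Confirm, because it is
// interpolated into the query below.
$aid = substr("$aid", 0,25);
// NOTE(review): the module row used for the permission check is 'Content'; confirm
// that is the module this editor is meant to be tied to.
$row = $db->sql_fetchrow($db->sql_query("SELECT title, admins FROM ".$prefix."_modules WHERE title='Content'"));
$row2 = $db->sql_fetchrow($db->sql_query("SELECT name, radminsuper FROM ".$prefix."_authors WHERE aid='$aid'"));
$moduleAdmins = (isset($row['admins']))? (string) $row['admins'] : "";
$admins = explode(",", $moduleAdmins);
$auth_user = 0;
// Strict, non-empty match only: with a loose comparison an empty list entry equals
// the null name of an author row that was not found, which would grant access.
$adminName = (isset($row2['name']))? (string) $row2['name'] : "";
if ($adminName !== "" AND $moduleAdmins !== "") {
	foreach ($admins as $moduleAdmin) {
		if ($moduleAdmin === $adminName) {
			$auth_user = 1;
		}
	}
}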

// Main dispatcher. Runs only for a super admin or an admin listed on the module row
// checked above; everyone else gets "Access Denied".
if ($row2['radminsuper'] == 1 || $auth_user == 1) {


		// $StandAlone < 1: render inside the normal admin layout (header.php/footer.php).
		// Otherwise emit a minimal <head> and render the editor on its own.
		if ($StandAlone < 1){
			include ("header.php");
			GraphicAdmin();
			$ddpic="user.gif";
			$show=1;
			$alt=_STANDALONE;
			
		}else{
		
			// NOTE(review): $sitename and $ThemeSel are not assigned in this file and are
			// echoed unescaped; presumably trusted site configuration - confirm.
			echo "<head>\n";
			include("includes/meta.php");
			echo "<title>$sitename "._AJAXBlocksEditor."</title>\n";	
			echo "<LINK REL=\"StyleSheet\" HREF=\"themes/$ThemeSel/style/style.css\" TYPE=\"text/css\">\n\n\n";
			echo "</head>\n";

			$ddpic="mem.gif";
			$show=0;
			$alt=_FULLPAGE;
		}


			
			echo $script = "<link rel=\"stylesheet\" href=\"includes/dd_files/lists.css\" type=\"text/css\">\n";

	
require_once('includes/dd_files/Sajax.php');
sajax_init();
 // NOTE(review): debug mode is switched on unconditionally; confirm this is not
 // meant to be disabled on a production site.
 $sajax_debug_mode = 1;

sajax_handle_client_request();

// A posted "order" field means the drag-and-drop form was submitted (sort, edit or
// delete). $data is not assigned before this call; edit_block() takes its input
// from $_POST.
if(isset($_POST['order']))
{
	edit_block($data);
	exit;
}

	// NOTE(review): $op and the handler arguments below are not assigned in this
	// file; presumably the including script imports them from the request - confirm,
	// and confirm how they are escaped, since the handlers build SQL from them.
	// NOTE(review): no per-request token is checked in this file before the
	// state-changing operations (ajaxBlocksDelete is reached with GET parameters);
	// confirm the including admin script enforces CSRF protection.
	switch($op) {

			case "ajaxBlocksAdmin":
			ajaxBlocksAdmin();
			break;

			case "ajaxBlocksEditSave":
			ajaxBlocksEditSave($bid, $bkey, $title, $content, $url, $oldposition, $bposition, $active, $refresh, $weight, $blanguage, $blockfile, $view, $expire, $action, $subscription, $moretime);
			break;

			case "ajaxBlocksAdd":
			ajaxBlocksAdd($title, $content, $url, $bposition, $active, $refresh, $headline, $blanguage, $blockfile, $view, $expire, $action, $subscription);
			break;

			case "ajaxBlocksDelete":
			ajaxBlocksDelete($bids, $ok);
			break;
			
			default :
			ajaxmain();
			break;
			
	}	


if ($StandAlone < 1)include("footer.php");
} else {
	echo "Access Denied";
}
?>

<?

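/**
 * Render the drag-and-drop block editor: the toolbar form, one sortable list per
 * block position (left, center up, right, center down) and the list of closed
 * blocks. The form posts back to this editor with the new order in "order".
 */
function ajaxmain()
{
  global $prefix, $db,$admin_file,$StandAlone,$ddpic,$show,$SELF,$alt;

	// Page URLs are built from the configured admin file name, as elsewhere in this
	// file, and HTML-escaped. $_SERVER['PHP_SELF'] is avoided here because it also
	// carries client-supplied path info and these values land in attributes and
	// inline event handlers.
	$selfUrl = htmlspecialchars($admin_file.".php?op=ajaxBlocksEditor", ENT_QUOTES, 'ISO-8859-1');
	$addUrl = htmlspecialchars($admin_file.".php?op=ajaxBlocksAdmin", ENT_QUOTES, 'ISO-8859-1');
	// bid => label map posted back with the form; must exist even when no block does.
	$blist = array();

	$script = "<script language=\"JavaScript\" type=\"text/javascript\" src=\"includes/dd_files/coordinates.js\"></script> \n";
	$script .= "<script language=\"JavaScript\" type=\"text/javascript\" src=\"includes/dd_files/drag.js\"></script>\n";
	$script .= "<script language=\"JavaScript\" type=\"text/javascript\" src=\"includes/dd_files/dragdrop.js\"></script> \n";

	echo $script;

	OpenTable();
	OpenTable();

	echo "<center><font class=\"title\"><b>"._AJAXBlocksEditor."</b></font></center>";
	CloseTable();
	?>
	<center>

	<TABLE cellSpacing="0" cellPadding="0" width="90%" border="0">
	<TBODY>
	<TR valign="bottom">
	<TD>

	 <form name="sd" action="<?php echo $selfUrl; ?>" method="post" style="margin:0">
	   <br />
	   <input type="button" onclick="getSort('delete');" value="<?php echo _Delete; ?>" style="background-color: #ff0033; color: #ffffff;"/>
	   <input type="hidden" name="order" id="order" />
	   <input type="hidden" name="mod">
	   <input type="button" onclick="getSort('sort');" value="<?php echo _Order; ?>"/>
	   <input type="button" onclick="getSort('edit');" value="<?php echo _Edit; ?>"/>
	   <input type="button" onclick="chgop('<?php echo $addUrl; ?>');" value="<?php echo _AddNewBlock; ?>"/>
	</TD>
	<TD width="10%" align="center">
	<a href="#"><img src="images/im/<?php echo $ddpic; ?>" border="0" onClick="DDShow(<?php echo $show; ?>,'<?php echo $selfUrl; ?>')" alt="<?php echo $alt; ?>"></a>
	<a href="<?php echo $selfUrl; ?>"><img src="images/im/reload.gif" border="0" align="absmiddle" alt="refresh"></a>
	</TD>
	<TD align='right' width="33%">
	<?php if ($StandAlone == 1){ ?>

			<a href='index.php'><?php echo _HOME; ?></a> | <a href='<?php echo $admin_file; ?>.php'><?php echo _ADMINMENU; ?></a>
	<?php } ?>
	</TD>
	</TR>
	</TBODY>
	</TABLE>
	<br />

	<FIELDSET class="note"><legend><?php echo _Blocks2EditOrDelete; ?></legend>
	<ul id="edit" class="sortable edit" TITLE="<?php echo _Blocks2EditOrDelete; ?>">
	</ul>
	<br><br>
	</FIELDSET>
	<br />

	<?php
	// Each <li> id packs bid, position, weight and active flag; edit_block() splits
	// it again on "<|>" when the form comes back.
	$mySELECT = "SELECT CONCAT(bid,'<|>',bposition,'<|>',weight,'<|>',active) AS lid,CONCAT(UPPER(bposition), weight,' - ',title) AS title,bid";
	// position => (CSS class, list title), in display order.
	$columns = array(
		'l' => array('boxy', _LEFTBLOCK),
		'c' => array('boxc', _CENTERUP),
		'r' => array('boxr', _RIGHTBLOCK),
		'd' => array('boxc', _CENTERDOWN),
	);
	foreach ($columns as $position => $column)
	{
		echo "<ul id=\"$position\" class=\"sortable ".$column[0]."\" TITLE=\"".$column[1]."\"> \n";
		$r = $db->sql_query("$mySELECT FROM ".$prefix."_blocks WHERE bposition = '$position' AND active=1 ORDER BY weight ASC");
		while($rw = $db->sql_fetchrow($r))
		{
			// Stored titles are escaped on output (existing entities are left alone) so
			// a title saved by another admin cannot inject markup into this page. The
			// browser decodes the escaped id back to the same "<|>" string.
			echo "<li id=\"".htmlspecialchars($rw['lid'], ENT_QUOTES, 'ISO-8859-1', false)."\">".htmlspecialchars($rw['title'], ENT_QUOTES, 'ISO-8859-1', false)."</li> \n";
			$blist[$rw['bid']] = $rw['title'];
		}
		echo "</ul>\n\n";
	}
	?>
<p><br><br>
	<FIELDSET class="note"><legend><?php echo _ClosedBlocks; ?></legend>
	<ul id="t" class="sortable bak" TITLE="<?php echo _ClosedBlocks; ?>">
<?php

	$r = $db->sql_query("SELECT CONCAT(bid,'<|>',bposition,'<|>',weight,'<|>',active) AS lid,CONCAT(UPPER(bposition),' - ',title) AS title,bid FROM ".$prefix."_blocks WHERE  active=0 ORDER BY bposition,weight ASC");
	while($rw = $db->sql_fetchrow($r))
	{
		echo "<li id=\"".htmlspecialchars($rw['lid'], ENT_QUOTES, 'ISO-8859-1', false)."\">".htmlspecialchars($rw['title'], ENT_QUOTES, 'ISO-8859-1', false)."</li> \n";
		$blist[$rw['bid']] = $rw['title'];
	}
	?>
	</ul>
	</FIELDSET>

	<br><br>
	<?php
	// The label map travels through the browser as a base64 blob; whatever comes
	// back in this field is client input and must not be trusted by the receiver.
	$blist = ObjEncode($blist);

	echo "<input type=\"hidden\" name=\"blist\" value=\"$blist\" />
	</form>";
			echo "<table width='90%'><tr><td>\n";
			echo "<div align=\"right\"><a href=\"http://www.aman.38.com/phpnuke/\" target=\"_bank\">www.aman.38.com</a> - <a href=\"javascript:openwindow()\">ajaxBlocksEditor &copy;</a></div>";
			echo "</td></tr></table>\n\n";

			echo "<script type=\"text/javascript\">\n";
			echo "<!--\n";
			echo "function openwindow(){\n";
			echo "	window.open (\"includes/dd_files/copyright.php\",\"Copyright\",\"toolbar=no,location=no,directories=no,status=no,scrollbars=yes,resizable=no,copyhistory=no,width=450,height=220\");\n";
			echo "}\n";
			echo "//-->\n";
			echo "</SCRIPT>\n\n";
	CloseTable();
}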


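	/**
	 * Print the edit form for one block.
	 *
	 * Loads the block row, pre-fills the form fields and posts the result back to
	 * the admin script with op=ajaxBlocksEditSave.
	 *
	 * @param int|string $bid Block id; cast to int before it is used in SQL.
	 */
	function BlocksEdit($bid) {
		global $bgcolor2, $bgcolor4, $prefix, $db, $multilingual, $admin_file, $AllowableHTML,$StandAlone;

		OpenTable();
		echo "<center><font class=\"title\"><b><a href='".$admin_file.".php?op=ajaxBlocksEditor'>"._AJAXBlocksEditor."</a> - "._EDITBLOCK."</b></font></center>";
		CloseTable();
		if ($StandAlone > 0){
		echo "<center><TABLE cellSpacing=\"0\" cellPadding=\"0\" width=\"70%\" border=\"0\">
		<TBODY>
		<TR>
		<TD>";
		}
		$bid = intval($bid);
		$row = $db->sql_fetchrow($db->sql_query("select bkey, title, content, url, bposition, weight, active, refresh, blanguage, blockfile, view, expire, action, subscription from ".$prefix."_blocks where bid='$bid'"));
		$bkey = filter($row['bkey'], "nohtml");
		$title = filter($row['title'], "nohtml");
		// Quoted key: the bare word content is read as a constant, which is a fatal
		// error on PHP 8.
		$content = filter($row['content']);
		$url = filter($row['url'], "nohtml");
		$bposition = filter($row['bposition'], "nohtml");
		$weight = intval($row['weight']);
		$active = intval($row['active']);
		$refresh = intval($row['refresh']);
		$blanguage = $row['blanguage'];
		$blockfile = filter($row['blockfile'], "nohtml");
		$view = intval($row['view']);
		$expire = intval($row['expire']);
		// The form posts the letters d/r for this field and the save handler stores
		// them as given; intval() turned both into 0, so "r" was never pre-selected.
		$action = ($row['action'] == "r") ? "r" : "d";
		$subscription = intval($row['subscription']);

		// filter() is defined outside this file. Escape once more for the HTML
		// context, without double-encoding existing entities, so a stored value
		// cannot break out of an attribute or the textarea.
		$titleHtml = htmlspecialchars($title, ENT_QUOTES, 'ISO-8859-1', false);
		$urlHtml = htmlspecialchars($url, ENT_QUOTES, 'ISO-8859-1', false);
		$contentHtml = htmlspecialchars($content, ENT_QUOTES, 'ISO-8859-1', false);
		$bkeyHtml = htmlspecialchars($bkey, ENT_QUOTES, 'ISO-8859-1', false);
		$positionHtml = htmlspecialchars($bposition, ENT_QUOTES, 'ISO-8859-1', false);

		$type = "";
		if ($url != "") {
			$type = _RSSCONTENT;
		} elseif ($blockfile != "") {
			$type = _BLOCKFILE;
		}
		OpenTable();
		echo "<center><font class=\"option\"><b>"._BLOCK.": $titleHtml $type</b></font></center><br><br>"
		."<form action=\"".$admin_file.".php\" method=\"post\">"
		."<table border=\"0\" width=\"100%\">"
		."<tr><td>"._TITLE.":</td><td><input type=\"text\" name=\"title\" size=\"30\" maxlength=\"60\" value=\"$titleHtml\"></td></tr>";
		if ($blockfile != "") {
			echo "<tr><td>"._FILENAME.":</td><td>"
			."<select name=\"blockfile\">";
			// Collect block-*.php entries as an array (file names may contain spaces)
			// and stop only on a real end of directory, not on an entry named "0".
			$blockslist = array();
			$blocksdir = dir("blocks");
			if ($blocksdir) {
				while(($func = $blocksdir->read()) !== false) {
					if(substr($func, 0, 6) == "block-") {
						$blockslist[] = $func;
					}
				}
				$blocksdir->close();
			}
			sort($blockslist);
			foreach ($blockslist as $file) {
				// Literal replacements; the ereg_* functions no longer exist in PHP 7+.
				$bl = str_replace(array("block-", ".php", "_"), array("", "", " "), $file);
				echo "<option value=\"".htmlspecialchars($file, ENT_QUOTES, 'ISO-8859-1')."\" ";
				if ($blockfile == $file) { echo "selected"; }
				echo ">".htmlspecialchars($bl, ENT_QUOTES, 'ISO-8859-1')."</option>\n";
			}
			echo "</select>&nbsp;&nbsp;<font class=\"tiny\">"._FILEINCLUDE."</font></td></tr>";
		} else {
			if ($url != "") {
				echo "<tr><td>"._RSSFILE.":</td><td><input type=\"text\" name=\"url\" size=\"30\" maxlength=\"200\" value=\"$urlHtml\">&nbsp;&nbsp;<font class=\"tiny\">"._ONLYHEADLINES."</font></td></tr>";
			} else {
				echo "<tr><td>"._CONTENT.":</td><td><textarea name=\"content\" cols=\"70\" rows=\"15\">$contentHtml</textarea></td></tr>";
			}
		}
		echo "<input type=\"hidden\" name=\"oldposition\" value=\"$positionHtml\">";
		// Display order of the position options: left, center up, center down, right.
		$positions = array("l" => _LEFT, "c" => _CENTERUP, "d" => _CENTERDOWN, "r" => _RIGHT);
		echo "<tr><td>"._POSITION.":</td><td><select name=\"bposition\">";
		foreach ($positions as $code => $label) {
			$sel = ($bposition == $code) ? "selected" : "";
			echo "<option name=\"bposition\" value=\"$code\" $sel>".$label."</option>";
		}
		echo "</select></td></tr>";
		if ($multilingual == 1) {
			echo "<tr><td>"._LANGUAGE.":</td><td>"
			."<select name=\"blanguage\">";
			$languageslist = array();
			$handle=opendir('language');
			if ($handle) {
				while (($file = readdir($handle)) !== false) {
					if (preg_match("/^lang\-(.+)\.php/", $file, $matches)) {
						$languageslist[] = $matches[1];
					}
				}
				closedir($handle);
			}
			sort($languageslist);
			foreach ($languageslist as $language) {
				$languageHtml = htmlspecialchars($language, ENT_QUOTES, 'ISO-8859-1');
				echo "<option value=\"$languageHtml\" ";
				if($language==$blanguage) echo "selected";
				echo ">".ucfirst($languageHtml)."</option>\n";
			}
			$sel = ($blanguage != "") ? "" : "selected";
			echo "<option value=\"\" $sel>"._ALL."</option></select></td></tr>";
		} else {
			echo "<input type=\"hidden\" name=\"blanguage\" value=\"\">";
		}
		// Explicit defaults: these markers used to be left over from the position
		// select when $active was neither 0 nor 1.
		$sel1 = ($active == 1) ? "checked" : "";
		$sel2 = ($active == 0) ? "checked" : "";
		if ($expire != 0) {
			// A stored expiry is a timestamp: show the remaining hours/days and offer
			// a "more days" field; the old timestamp rides along as a hidden field.
			$oldexpire = $expire;
			$expire = intval(($expire - time()) / 3600);
			$exp_day = $expire / 24;
			$expire = "<input type=\"hidden\" name=\"expire\" value=\"$oldexpire\"><b>$expire "._HOURS." (".substr($exp_day,0,5)." "._DAYS.")</b> <input type='text' name='moretime' size='4'> "._MOREDAYS."";
		} else {
			$expire = "<input type=\"text\" name=\"expire\" value=\"0\" size=\"4\" maxlength=\"3\"> "._DAYS."";
		}
		$selact1 = ($action == "d") ? "selected" : "";
		$selact2 = ($action == "r") ? "selected" : "";
		echo "<tr><td>"._ACTIVATE2."</td><td><input type=\"radio\" name=\"active\" value=\"1\" $sel1>"._YES." &nbsp;&nbsp;"
		."<input type=\"radio\" name=\"active\" value=\"0\" $sel2>"._NO."</td></tr>"
		."<tr><td>"._EXPIRATION.":</td><td>$expire</td></tr>"
		."<tr><td>"._AFTEREXPIRATION.":</td><td><select name=\"action\">"
		."<option name=\"action\" value=\"d\" $selact1>"._DEACTIVATE."</option>"
		."<option name=\"action\" value=\"r\" $selact2>"._DELETE."</option></select></td></tr>";
		if ($url != "") {
			$refreshOptions = array(
				1800 => "1/2 "._HOUR,
				3600 => "1 "._HOUR,
				18000 => "5 "._HOURS,
				36000 => "10 "._HOURS,
				86400 => "24 "._HOURS,
			);
			echo "<tr><td>"._REFRESHTIME.":</td><td><select name=\"refresh\">";
			foreach ($refreshOptions as $seconds => $label) {
				$sel = ($refresh == $seconds) ? "selected" : "";
				echo "<option name=\"refresh\" value=\"$seconds\" $sel>".$label."</option>";
			}
			echo "</select>&nbsp;<font class=\"tiny\">"._ONLYHEADLINES."</font>";
		}
		$viewOptions = array(0 => _MVALL, 1 => _MVUSERS, 2 => _MVADMIN, 3 => _MVANON);
		if ($subscription == 1) {
			$sub_c1 = "";
			$sub_c2 = "checked";
		} else {
			$sub_c1 = "checked";
			$sub_c2 = "";
		}
		echo "</td></tr><tr><td>"._VIEWPRIV."</td><td><select name=\"view\">";
		foreach ($viewOptions as $code => $label) {
			$sel = ($view == $code) ? "selected" : "";
			echo "<option value=\"$code\" $sel>".$label."</option>";
		}
		echo "</select></td></tr><tr><td nowrap>"
		.""._SUBVISIBLE."</td><td><input type='radio' name='subscription' value='0' $sub_c1> "._YES."&nbsp;&nbsp;<input type='radio' name='subscription' value='1' $sub_c2> "._NO.""
		."</td></tr></table><br><br>"
		."<input type=\"hidden\" name=\"bid\" value=\"$bid\">"
		."<input type=\"hidden\" name=\"bkey\" value=\"$bkeyHtml\">"
		."<input type=\"hidden\" name=\"weight\" value=\"$weight\">"
		."<input type=\"hidden\" name=\"op\" value=\"ajaxBlocksEditSave\">"
		."<input type=\"submit\" value=\""._SAVEBLOCK."\"></form>";
		CloseTable();
		if ($StandAlone > 0) CloseTable();
	}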


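	/**
	 * Save an edited block and redirect back to the editor.
	 *
	 * With a non-empty $url the block is an RSS block: the feed is fetched and up to
	 * ten item links become the block content. Otherwise title and content are
	 * stored as posted (after filter()). When the position changed, the weights of
	 * the old and the new column are renumbered first.
	 *
	 * Every argument is request data. Numeric columns are cast, position and action
	 * are checked against their fixed value sets, and the remaining short tokens
	 * are rejected when they contain quote, backslash, slash or NUL characters.
	 * NOTE(review): free-text fields rely on filter() (defined elsewhere) and on
	 * whatever escaping the including script applies; confirm that covers SQL.
	 */
	function ajaxBlocksEditSave($bid, $bkey, $title, $content, $url, $oldposition, $bposition, $active, $refresh, $weight, $blanguage, $blockfile, $view, $expire, $action, $subscription, $moretime) {
		global $prefix, $db, $admin_file;

		$bid = intval($bid);
		$weight = intval($weight);
		$active = intval($active);
		$refresh = intval($refresh);
		$view = intval($view);
		$subscription = intval($subscription);
		$expire = is_numeric($expire) ? $expire + 0 : 0;
		$action = ($action === "r") ? "r" : "d";

		$positions = array("l", "c", "r", "d");
		$rejected = !in_array($bposition, $positions, true) || !in_array($oldposition, $positions, true);
		foreach (array($bkey, $blanguage, $blockfile) as $token) {
			if (strpbrk((string) $token, "/\\'\"\0") !== false) {
				$rejected = true;
			}
		}
		// The edit form only offers files whose name starts with "block-".
		if ($blockfile != "" AND substr($blockfile, 0, 6) != "block-") {
			$rejected = true;
		}
		if ($rejected) {
			Header("Location: ".$admin_file.".php?op=ajaxBlocksEditor");
			return;
		}

		if (is_numeric($moretime) AND $moretime != 0) {
			$expire = $expire + ($moretime * 86400);
		}
		if (!empty($url)) {
			$bkey = "";
			$btime = time();
			// Same filter as the non-RSS branch and ajaxBlocksAdd() apply to the title.
			$title = filter($title, "nohtml", 1);
			if (strpos($url, "http://") === false) {
				$url = "http://$url";
			}
			// The URL goes into SQL and into an outgoing request line.
			if (strpbrk($url, "'\"\\\0\r\n") !== false) {
				rssfail();
				exit;
			}
			$rdf = parse_url($url);
			$host = (is_array($rdf) AND isset($rdf['host'])) ? $rdf['host'] : "";
			// NOTE(review): the server connects to whatever host the form supplied,
			// internal addresses included. Consider restricting the allowed targets.
			$fp = ($host != "") ? fsockopen($host, 80, $errno, $errstr, 15) : false;
			if (!$fp) {
				rssfail();
				exit;
			}
			$request = isset($rdf['path']) ? $rdf['path'] : "/";
			if (isset($rdf['query'])) {
				$request .= "?".$rdf['query'];
			}
			$request = str_replace(array("\r", "\n"), "", $request);
			fputs($fp, "GET ".$request." HTTP/1.0\r\n");
			// "Connection: close" belongs to the request headers; it used to be
			// written after the response had already been read.
			fputs($fp, "HOST: ".$host."\r\nConnection: close\r\n\r\n");
			$string	= "";
			while(!feof($fp)) {
				$pagetext = fgets($fp,300);
				if ($pagetext === false) {
					break;
				}
				$string .= chop($pagetext);
			}
			fclose($fp);
			$items = explode("</item>",$string);
			$content = "<font class=\"content\">";
			$cont = 0;
			for ($i=0;$i<10;$i++) {
				$item = isset($items[$i]) ? $items[$i] : "";
				// preg_* equivalents of the removed ereg_replace() calls.
				$link = (string) preg_replace('#.*<link>#s', "", $item);
				$link = (string) preg_replace('#</link>.*#s', "", $link);
				$title2 = (string) preg_replace('#.*<title>#s', "", $item);
				$title2 = (string) preg_replace('#</title>.*#s', "", $title2);
				if ($item == "" AND $cont != 1) {
					$content = "";
				} else {
					if (strcmp($link,$title2) AND $item != "") {
						$cont = 1;
						$content .= "<strong><big>&middot;</big></strong>&nbsp;<a href=\"$link\" target=\"new\">$title2</a><br>\n";
					}
				}
			}
			// The markup above is built from the remote feed, so it gets the same
			// save-path filter ajaxBlocksAdd() applies before it reaches SQL.
			// NOTE(review): presumably filter(..., 1) escapes for SQL - confirm.
			$content = filter($content, "", 1);
			$expire = intval($expire);
			if ($oldposition != $bposition) {
				$result = $db->sql_query("select bid from ".$prefix."_blocks where weight>='$weight' AND bposition='$bposition'");
				$fweight = $weight;
				$oweight = $weight;
				while ($row = $db->sql_fetchrow($result)) {
					$nbid = intval($row['bid']);
					$weight++;
					$db->sql_query("update ".$prefix."_blocks set weight='$weight' where bid='$nbid'");
				}
				$result2 = $db->sql_query("select bid from ".$prefix."_blocks where weight>'$oweight' AND bposition='$oldposition'");
				while ($row2 = $db->sql_fetchrow($result2)) {
					$obid = intval($row2['bid']);
					$db->sql_query("update ".$prefix."_blocks set weight='$oweight' where bid='$obid'");
					$oweight++;
				}
				$row3 = $db->sql_fetchrow($db->sql_query("select weight from ".$prefix."_blocks where bposition='$bposition' order by weight DESC limit 0,1"));
				$lastw = intval($row3['weight']);
				if ($lastw <= $fweight) {
					$lastw++;
					$db->sql_query("update ".$prefix."_blocks set title='$title', content='$content', bposition='$bposition', weight='$lastw', active='$active', refresh='$refresh', blanguage='$blanguage', blockfile='$blockfile', view='$view', subscription='$subscription' where bid='$bid'");
				} else {
					$db->sql_query("update ".$prefix."_blocks set title='$title', content='$content', bposition='$bposition', weight='$fweight', active='$active', refresh='$refresh', blanguage='$blanguage', blockfile='$blockfile', view='$view', subscription='$subscription' where bid='$bid'");
				}
			} else {
				$db->sql_query("update ".$prefix."_blocks set bkey='$bkey', title='$title', content='$content', url='$url', bposition='$bposition', weight='$weight', active='$active', refresh='$refresh', blanguage='$blanguage', blockfile='$blockfile', view='$view', subscription='$subscription' where bid='$bid'");
			}
			// NOTE(review): this update runs after either branch above and writes
			// weight='$weight' again (already incremented by the renumbering loop when
			// the position changed). Kept as it was; confirm the intended weight.
			$db->sql_query("update ".$prefix."_blocks set bkey='$bkey', title='$title', content='$content', url='$url', bposition='$bposition', weight='$weight', active='$active', refresh='$refresh', blanguage='$blanguage', blockfile='$blockfile', view='$view', expire='$expire', action='$action', subscription='$subscription' where bid='$bid'");
			Header("Location: ".$admin_file.".php?op=ajaxBlocksEditor");
		} else {
			$title = filter($title, "nohtml", 1);
			$content = filter($content, "", 1);
			if ($oldposition != $bposition) {
				$result5 = $db->sql_query("select bid from ".$prefix."_blocks where weight>='$weight' AND bposition='$bposition'");
				$fweight = $weight;
				$oweight = $weight;
				while ($row5 = $db->sql_fetchrow($result5)) {
					$nbid = intval($row5['bid']);
					$weight++;
					$db->sql_query("update ".$prefix."_blocks set weight='$weight' where bid='$nbid'");
				}
				$result6 = $db->sql_query("select bid from ".$prefix."_blocks where weight>'$oweight' AND bposition='$oldposition'");
				while ($row6 = $db->sql_fetchrow($result6)) {
					$obid = intval($row6['bid']);
					$db->sql_query("update ".$prefix."_blocks set weight='$oweight' where bid='$obid'");
					$oweight++;
				}
				$row7 = $db->sql_fetchrow($db->sql_query("select weight from ".$prefix."_blocks where bposition='$bposition' order by weight DESC limit 0,1"));
				$lastw = intval($row7['weight']);
				if ($lastw <= $fweight) {
					$lastw++;
					$db->sql_query("update ".$prefix."_blocks set title='$title', content='$content', bposition='$bposition', weight='$lastw', active='$active', refresh='$refresh', blanguage='$blanguage', blockfile='$blockfile', view='$view', subscription='$subscription' where bid='$bid'");
				} else {
					$db->sql_query("update ".$prefix."_blocks set title='$title', content='$content', bposition='$bposition', weight='$fweight', active='$active', refresh='$refresh', blanguage='$blanguage', blockfile='$blockfile', view='$view', subscription='$subscription' where bid='$bid'");
				}
			} else {
				// Values up to 999 are a number of days from now; anything larger is
				// an already stored timestamp and is kept.
				if ($expire != 0 AND $expire <= 999) {
					$expire = time() + ($expire * 86400);
				}
				$expire = intval($expire);
				// $url is empty (or "0") in this branch, so it is safe to interpolate.
				$result8 = $db->sql_query("update ".$prefix."_blocks set bkey='$bkey', title='$title', content='$content', url='$url', bposition='$bposition', weight='$weight', active='$active', refresh='$refresh', blanguage='$blanguage', blockfile='$blockfile', view='$view', expire='$expire', action='$action', subscription='$subscription' where bid='$bid'");
			}
			Header("Location: ".$admin_file.".php?op=ajaxBlocksEditor");
		}
	}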

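	/**
	 * Insert a new block at the end of the chosen column and redirect to the editor.
	 *
	 * The block is one of: a block file, an RSS block (custom URL or a row from the
	 * headlines table) whose content is fetched here, or plain content. When there
	 * is neither content nor a block file, rssfail() is called instead.
	 *
	 * Every argument is request data. Numeric columns are cast, position and action
	 * are checked against their fixed value sets, and language/file tokens are
	 * rejected when they contain quote, backslash, slash or NUL characters.
	 * NOTE(review): title and content rely on filter() (defined elsewhere);
	 * presumably its third argument escapes for SQL - confirm.
	 */
	function ajaxBlocksAdd($title, $content, $url, $bposition, $active, $refresh, $headline, $blanguage, $blockfile, $view, $expire, $action, $subscription) {
		global $prefix, $db, $admin_file;

		$headline = intval($headline);
		$active = intval($active);
		$refresh = intval($refresh);
		$view = intval($view);
		$subscription = intval($subscription);
		$expire = is_numeric($expire) ? $expire + 0 : 0;
		$action = ($action === "r") ? "r" : "d";

		$rejected = !in_array($bposition, array("l", "c", "r", "d"), true);
		foreach (array($blanguage, $blockfile) as $token) {
			if (strpbrk((string) $token, "/\\'\"\0") !== false) {
				$rejected = true;
			}
		}
		// The add form only offers files whose name starts with "block-".
		if ($blockfile != "" AND substr($blockfile, 0, 6) != "block-") {
			$rejected = true;
		}
		if ($rejected) {
			Header("Location: ".$admin_file.".php?op=ajaxBlocksEditor");
			return;
		}

		if ($headline != 0) {
			$row = $db->sql_fetchrow($db->sql_query("select sitename, headlinesurl from ".$prefix."_headlines where hid='$headline'"));
			$title = filter($row['sitename'], "nohtml", 1);
			$url = filter($row['headlinesurl'], "nohtml", 1);
		}
		$row2 = $db->sql_fetchrow($db->sql_query("SELECT weight FROM ".$prefix."_blocks WHERE bposition='$bposition' ORDER BY weight DESC"));
		$weight = intval($row2['weight']);
		$weight++;
		$title = filter($title, "nohtml", 1);
		$content = filter($content, "", 1);
		$bkey = "";
		$btime = "";
		if (!empty($blockfile)) {
			$url = "";
			if (empty($title)) {
				// Literal replacements; the ereg_* functions no longer exist in PHP 7+.
				$title = str_replace(array("block-", ".php", "_"), array("", "", " "), $blockfile);
			}
		}
		if (!empty($url)) {
			$btime = time();
			if (strpos($url, "http://") === false) {
				$url = "http://$url";
			}
			// A custom URL goes into SQL and into an outgoing request line. A URL
			// taken from the headlines table has already been through filter().
			if ($headline == 0 AND strpbrk($url, "'\"\\\0\r\n") !== false) {
				rssfail();
				exit;
			}
			$rdf = parse_url($url);
			$host = (is_array($rdf) AND isset($rdf['host'])) ? $rdf['host'] : "";
			// NOTE(review): the server connects to whatever host the form supplied,
			// internal addresses included. Consider restricting the allowed targets.
			$fp = ($host != "") ? fsockopen($host, 80, $errno, $errstr, 15) : false;
			if (!$fp) {
				rssfail();
				exit;
			}
			$request = isset($rdf['path']) ? $rdf['path'] : "/";
			if (isset($rdf['query'])) {
				$request .= "?".$rdf['query'];
			}
			$request = str_replace(array("\r", "\n"), "", $request);
			fputs($fp, "GET ".$request." HTTP/1.0\r\n");
			// "Connection: close" belongs to the request headers; it used to be
			// written after the response had already been read.
			fputs($fp, "HOST: ".$host."\r\nConnection: close\r\n\r\n");
			$string = "";
			while(!feof($fp)) {
				$pagetext = fgets($fp,228);
				if ($pagetext === false) {
					break;
				}
				$string .= chop($pagetext);
			}
			fclose($fp);
			$items = explode("</item>",$string);
			$content = "<font class=\"content\">";
			$cont = 0;
			for ($i=0;$i<10;$i++) {
				$item = isset($items[$i]) ? $items[$i] : "";
				// preg_* equivalents of the removed ereg_replace() calls.
				$link = (string) preg_replace('#.*<link>#s', "", $item);
				$link = (string) preg_replace('#</link>.*#s', "", $link);
				$title2 = (string) preg_replace('#.*<title>#s', "", $item);
				$title2 = (string) preg_replace('#</title>.*#s', "", $title2);
				if ($item == "" AND $cont != 1) {
					$content = "";
				} else {
					if (strcmp($link,$title2) AND !empty($item)) {
						$cont = 1;
						$content .= "<strong><big>&middot;</big></strong>&nbsp;<a href=\"$link\" target=\"new\">$title2</a><br>\n";
					}
				}
			}
		}
		// NOTE(review): plain (non-RSS) content passes through filter() twice, here
		// and above. Kept as it was; confirm that this is harmless.
		$content = filter($content, "", 1);
		if (($content == "") AND ($blockfile == "")) {
			rssfail();
		} else {
			if ($expire != 0) {
				$expire = time() + ($expire * 86400);
			}
			$expire = intval($expire);
			$db->sql_query("insert into ".$prefix."_blocks values (NULL, '$bkey', '$title', '$content', '$url', '$bposition', '$weight', '$active', '$refresh', '$btime', '$blanguage', '$blockfile', '$view', '$expire', '$action', '$subscription')");
			Header("Location: ".$admin_file.".php?op=ajaxBlocksEditor");
		}
	}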

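/**
 * Parse the drag-and-drop "order" string into a map of container => item ids.
 *
 * The input looks like "l(id1,id2):c(id3)": containers are separated by ":" and
 * each lists its items, comma separated, between parentheses. Containers with
 * no parenthesis or with no items are left out of the result.
 *
 * @param string $data Raw order string (client input).
 * @return array Container name => list of item id strings; empty when nothing
 *               could be parsed, so callers can always iterate the result.
 */
function parse_data($data)
{
  $final = array();
  if (!is_string($data))
  {
      return $final;
  }
  foreach(explode(":", $data) AS $container)
  {
      $container = str_replace(")", "", $container);
      $lastly = explode("(", $container);
      // No "(" at all: there is no item list to read.
      if (!isset($lastly[1]))
      {
          continue;
      }
      foreach(explode(",", $lastly[1]) AS $value)
      {
        if($value === '')
        {
            continue;
        }
        $final[$lastly[0]][] = $value;
      }
  }
    return $final;
}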

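/**
 * Handle a submit of the drag-and-drop form and end the request.
 *
 * $_POST['mod'] selects the action:
 *  - "sort":   store position/weight for every block whose place changed; blocks
 *              dropped on the closed list ("t") are deactivated;
 *  - "edit":   open the edit form for the first block dropped on the edit list;
 *  - "delete": show the delete confirmation for the blocks on the edit list.
 *
 * Everything in $_POST['order'] is client input: block ids are cast to int before
 * they reach SQL, and the labels on the confirmation page are read from the
 * database by id instead of from the posted "blist" blob.
 *
 * @param mixed $data Ignored; the order is always taken from $_POST['order'].
 */
function edit_block($data)
{
	global $db, $prefix, $SELF, $StandAlone;

	$mod = (isset($_POST['mod']) && is_string($_POST['mod'])) ? $_POST['mod'] : "";

	$bids = "";
	$eids = array();
	$blist2 = array();

		if(isset($_POST['order']))
		{
		  $data = parse_data($_POST['order']);
		  if (!is_array($data))
		  {
		     $data = array();
		  }
		  foreach($data AS $bposition  => $item)
		  {
		     // Array keys that look numeric arrive as ints; compare as strings only.
		     $bposition = (string) $bposition;
		     $i = 1;

		     foreach($item AS  $entry)
		     {
				     // Each entry is "bid<|>position<|>weight<|>active" as written by ajaxmain().
				     $parts = explode("<|>", $entry);
				     $bid = intval($parts[0]);
				     $oposition = isset($parts[1]) ? $parts[1] : "";
				     $weight = isset($parts[2]) ? intval($parts[2]) : 0;
				     $active = isset($parts[3]) ? intval($parts[3]) : 0;

				     // Only rows whose weight or column actually changed need an UPDATE.
				     $GoUpdate = ($weight != $i || $bposition !== $oposition) ? 1 : 0;

				     $sqlU="";
				     if (in_array($bposition, array("l", "r", "c", "d"), true))
				     {
					    	if($mod==='sort')$sqlU="UPDATE ".$prefix."_blocks SET bposition = '$bposition', weight = '$i', active = '1' WHERE bid = '$bid'";
				     }
				     elseif ($bposition === "edit")
				     {
					    	if($mod==='edit' && $bid > 0)$eids[]= $bid;
					    	if($mod==='delete' && $bid > 0) {
					    		// Same label format as the lists printed by ajaxmain().
					    		$row = $db->sql_fetchrow($db->sql_query("SELECT bposition, weight, active, title FROM ".$prefix."_blocks WHERE bid = '$bid'"));
					    		if ($row) {
					    			$label = strtoupper($row['bposition']);
					    			if ($row['active'] == 1) $label .= $row['weight'];
					    			$bids .= " '$bid',";
					    			$blist2[] = $label." - ".$row['title'];
					    		}
					    	}
				     }
				     elseif ($bposition === "t")
				     {
					    	if($mod==='sort')$sqlU="UPDATE ".$prefix."_blocks SET weight = '',active = '0' WHERE bid = '$bid'";
					    	// Closed list: only blocks that were active need to be written.
					    	$GoUpdate = $active;
				     }

			       if($mod==='sort' && $GoUpdate==1 && $sqlU!=""){$db->sql_query($sqlU);}

			       $i ++;

		    }
		  }

		    $bids = substr($bids,0,-1);
		    if($mod==='delete')DeleteConfirm($bids,$blist2);

		    elseif($mod==='edit')
		    {
				    $eid = isset($eids[0]) ? $eids[0] : 0;

				    if($eid>0)
				    {
					    	BlocksEdit($eid);
					    	if ($StandAlone < 1)include("footer.php");

				    }else{
								echo "<script type=\"text/javascript\">
								history.go(-1);
								</SCRIPT>";
				    }
		    }elseif($mod==='sort') header("location: $SELF");
		}
		exit;
}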
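/**
 * Delete the listed blocks, then redirect back to the editor.
 *
 * $bids arrives in the query string, so it is accepted only when it is a plain
 * comma-separated list of (optionally quoted) integers; the IN list is rebuilt
 * from the integer values and nothing else reaches the query.
 *
 * NOTE(review): this is a state-changing request made with GET parameters and no
 * per-request token is checked here; confirm the including admin script
 * enforces CSRF protection.
 *
 * @param string     $bids Id list, e.g. "12,13" or " '12', '13'".
 * @param int|string $ok   Truthy once the deletion has been confirmed.
 */
function ajaxBlocksDelete($bids, $ok=0) {
    global $prefix, $db, $admin_file;
    $ids = array();
    $bids = is_string($bids) ? stripslashes($bids) : "";
    if (preg_match('/^\s*\'?\d+\'?(\s*,\s*\'?\d+\'?)*\s*$/', $bids)) {
        preg_match_all('/\d+/', $bids, $found);
        foreach ($found[0] as $digits) {
            $id = intval($digits);
            if ($id > 0) $ids[$id] = $id;
        }
    }
    if ($ok && count($ids) > 0) $db->sql_query("DELETE FROM ".$prefix."_blocks WHERE bid IN (".implode(",", $ids).")");
  Header("Location: ".$admin_file.".php?op=ajaxBlocksEditor");
}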
    
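/**
 * Show the "really delete these blocks?" page with a No/Yes choice.
 *
 * Both arguments originate from the submitted form: the labels are HTML-escaped
 * before they are printed and the id list is reduced to integers before it is
 * placed in the confirmation link.
 *
 * @param string $bids    Id list for the blocks to delete.
 * @param array  $blist2  Labels of those blocks, for display only.
 */
function DeleteConfirm($bids,$blist2) {
	global $admin_file,$StandAlone;
	// Nothing selected: go back to the editor and stop, instead of rendering an
	// empty confirmation whose "yes" link carries no ids.
	if (!is_array($blist2) || count($blist2) < 1) {
		Header("Location: ".$admin_file.".php?op=ajaxBlocksEditor");
		return;
	}
	$ids = array();
	if (is_string($bids) && preg_match_all('/\d+/', $bids, $found)) {
		$ids = array_map('intval', $found[0]);
	}
	$bids = implode(",", $ids);
	if ($StandAlone < 1){
		GraphicAdmin();
	}
	OpenTable();
	echo "<center><font class=\"title\"><b>"._AJAXBlocksEditor."</b></font></center>";
	CloseTable();
	echo "<br>";
	OpenTable();
	// The single-title placeholder was never filled in; the titles are listed below.
	echo "<center>"._ARESUREDELBLOCK." <i></i>? ";
	echo "<table><tr><td> \n";
	echo "<ul  id=\"edit2\" class=\"sortable2 edit2\"> \n";
	foreach($blist2 AS $title) {
		$label = is_scalar($title) ? (string) $title : "";
		// Existing entities are left alone so stored titles are not double-encoded.
		echo "<li>".htmlspecialchars($label, ENT_QUOTES, 'ISO-8859-1', false)." </li> \n";
	}
	echo "</ul> \n";
	echo "</td></tr></table> \n";
	echo "<br><br>[ <a href=\"".$admin_file.".php?op=ajaxBlocksEditor\">"._NO."</a> | <a href=\"".$admin_file.".php?op=ajaxBlocksDelete&amp;bids=".urlencode($bids)."&amp;ok=1\">"._YES."</a> ]</center>";
	CloseTable();
	if ($StandAlone < 1)include("footer.php");
}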

/**
 * Add backslash escapes to $string in place unless the global flag
 * $GLOBALS['magic_quotes_gpc'] is truthy, and return the result.
 *
 * NOTE(review): the flag is a global variable, not the PHP setting of the same
 * name, and nothing in this file assigns it - confirm where it is set.
 * addslashes() is not a database-aware escape.
 *
 * @param string $string Value to escape; modified by reference.
 * @return string The (possibly escaped) value.
 */
function daddslashes(&$string) {
	$alreadyQuoted = $GLOBALS['magic_quotes_gpc'];
	if ($alreadyQuoted) {
		return $string;
	}
	$string = addslashes($string);
	return $string;
}

/**
 * Remove backslash escapes from $string in place unless the global flag
 * $GLOBALS['magic_quotes_gpc'] is truthy, and return the result.
 *
 * NOTE(review): slashes are stripped when the flag is off, the same condition
 * daddslashes() uses for adding them - confirm that this is intended.
 *
 * @param string $string Value to unescape; modified by reference.
 * @return string The (possibly unescaped) value.
 */
function dstripslashes(&$string) {
	$alreadyQuoted = $GLOBALS['magic_quotes_gpc'];
	if ($alreadyQuoted) {
		return $string;
	}
	$string = stripslashes($string);
	return $string;
}


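/**
 * Decode a value produced by ObjEncode() (base64 of serialize()).
 *
 * The blob round-trips through a hidden form field, so it is client input.
 * unserialize() on such input can instantiate arbitrary classes and run their
 * magic methods; object instantiation is therefore refused. A format that
 * cannot carry objects (such as JSON) would be the better long-term choice.
 *
 * @param string $obj Base64 text.
 * @return mixed The decoded scalar/array, or false when the input is not a
 *               string, is not valid serialized data, or (on PHP before 7.0)
 *               contains an object token.
 */
function ObjDecode($obj){
   if (!is_string($obj)) {
      return false;
   }
   $raw = base64_decode($obj);
   if ($raw === false) {
      return false;
   }
   if (version_compare(PHP_VERSION, '7.0.0', '>=')) {
      // Objects come back as inert __PHP_Incomplete_Class placeholders.
      return unserialize($raw, array('allowed_classes' => false));
   }
   // Older PHP has no allowed_classes option: reject anything holding an object
   // (O:) or custom-serialized (C:) token before it reaches unserialize().
   if (preg_match('/(^|[;{}])[OC]:\+?\d+:"/', $raw)) {
      return false;
   }
   return unserialize($raw);
}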

/**
 * Serialize a value and wrap it in base64 so it can be carried in a form field.
 *
 * @param mixed $obj Value to encode.
 * @return string Base64 text of the serialized value.
 */
function ObjEncode($obj){
   $serialized = serialize($obj);
   return base64_encode($serialized);
}
?>


<?
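	/**
	 * Print the "add new block" form.
	 *
	 * Offers a title, an RSS URL or a preset from the headlines table, a block file
	 * that is not in use yet, free content, position, language, activation, expiry
	 * and visibility. The form posts to the admin script with op=ajaxBlocksAdd.
	 */
	function ajaxBlocksAdmin() {
		global $bgcolor2, $bgcolor4, $prefix, $db, $currentlang, $multilingual, $admin_file,$StandAlone;

		OpenTable();
		echo "<center><font class=\"title\"><b><a href='".$admin_file.".php?op=ajaxBlocksEditor'>"._AJAXBlocksEditor."</a> - "._AddNewBlock."</b></font></center>";
		CloseTable();

		if ($StandAlone > 0){
		echo "<center><TABLE cellSpacing=\"0\" cellPadding=\"0\" width=\"70%\" border=\"0\">
		<TBODY>
		<TR>
		<TD>";
		}

		OpenTable();
		echo "<center><font class=\"option\"><b>"._ADDNEWBLOCK."</b></font></center><br><br>"
		."<form action=\"".$admin_file.".php\" method=\"post\">"
		."<table border=\"0\" width=\"100%\">"
		."<tr><td>"._TITLE.":</td><td><input type=\"text\" name=\"title\" size=\"30\" maxlength=\"60\"></td></tr>"
		."<tr><td>"._RSSFILE.":</td><td><input type=\"text\" name=\"url\" size=\"30\" maxlength=\"200\">&nbsp;&nbsp;"
		."<select name=\"headline\">"
		."<option name=\"headline\" value=\"0\" selected>"._CUSTOM."</option>";
		$res3 = $db->sql_query("select hid, sitename from ".$prefix."_headlines");
		while ($row_res3 = $db->sql_fetchrow($res3)) {
			$hid = intval($row_res3['hid']);
			// filter() is defined elsewhere; escape for HTML as well, without
			// double-encoding entities it may already have produced.
			$htitle = htmlspecialchars(filter($row_res3['sitename'], "nohtml"), ENT_QUOTES, 'ISO-8859-1', false);
			echo "<option name=\"headline\" value=\"$hid\">$htitle</option>";
		}
		echo "</select>&nbsp;[ <a href=\"".$admin_file.".php?op=HeadlinesAdmin\">Setup</a> ]<br><font class=\"tiny\">";
		echo ""._SETUPHEADLINES."</font></td></tr>"
		."<tr><td>"._FILENAME.":</td><td>"
		."<select name=\"blockfile\">"
		."<option name=\"blockfile\" value=\"\" selected>"._NONE."</option>";
		// Collect block-* entries as an array (file names may contain spaces) and
		// stop only on a real end of directory, not on an entry named "0".
		$blockslist = array();
		$blocksdir = dir("blocks");
		if ($blocksdir) {
			while(($func = $blocksdir->read()) !== false) {
				if(substr($func, 0, 6) == "block-") {
					$blockslist[] = $func;
				}
			}
			$blocksdir->close();
		}
		sort($blockslist);
		foreach ($blockslist as $file) {
			// Literal replacements; the ereg_* functions no longer exist in PHP 7+.
			$bl = str_replace(array("block-", ".php", "_"), array("", "", " "), $file);
			// The name comes straight from the file system, so it is escaped for
			// the query here. Only files that no block uses yet are offered.
			$result2 = $db->sql_query("select * from ".$prefix."_blocks where blockfile='".addslashes($file)."'");
			$numrows = $db->sql_numrows($result2);
			if ($numrows == 0) {
				echo "<option value=\"".htmlspecialchars($file, ENT_QUOTES, 'ISO-8859-1')."\">".htmlspecialchars($bl, ENT_QUOTES, 'ISO-8859-1')."</option>\n";
			}
		}
		echo "</select>&nbsp;&nbsp;<font class=\"tiny\">"._FILEINCLUDE."</font></td></tr>"
		."<tr><td>"._CONTENT.":</td><td><textarea name=\"content\" cols=\"70\" rows=\"15\"></textarea><br><font class=\"tiny\">"._IFRSSWARNING."</font></td></tr>"
		."<tr><td>"._POSITION.":</td><td><select name=\"bposition\"><option name=\"bposition\" value=\"l\">"._LEFT."</option>"
		."<option name=\"bposition\" value=\"c\">"._CENTERUP."</option>"
		."<option name=\"bposition\" value=\"d\">"._CENTERDOWN."</option>"
		."<option name=\"bposition\" value=\"r\">"._RIGHT."</option></select></td></tr>";
		if ($multilingual == 1) {
			echo "<tr><td>"._LANGUAGE.":</td><td>"
			."<select name=\"blanguage\">";
			$languageslist = array();
			$handle=opendir('language');
			if ($handle) {
				while (($file = readdir($handle)) !== false) {
					if (preg_match("/^lang\-(.+)\.php/", $file, $matches)) {
						$languageslist[] = $matches[1];
					}
				}
				closedir($handle);
			}
			sort($languageslist);
			foreach ($languageslist as $language) {
				$languageHtml = htmlspecialchars($language, ENT_QUOTES, 'ISO-8859-1');
				echo "<option value=\"$languageHtml\" ";
				if($language==$currentlang) echo "selected";
				echo ">".ucfirst($languageHtml)."</option>\n";
			}
			echo "<option value=\"\">"._ALL."</option></select></td></tr>";
		} else {
			echo "<input type=\"hidden\" name=\"blanguage\" value=\"\">";
		}
		echo "<tr><td>"._ACTIVATE2."</td><td><input type=\"radio\" name=\"active\" value=\"1\" checked>"._YES." &nbsp;&nbsp;"
		."<input type=\"radio\" name=\"active\" value=\"0\">"._NO."</td></tr>"
		."<tr><td>"._EXPIRATION.":</td><td><input type=\"text\" name=\"expire\" size=\"4\" maxlength=\"3\" value=\"0\"> "._DAYS."</td></tr>"
		."<tr><td>"._AFTEREXPIRATION.":</td><td><select name=\"action\">"
		."<option name=\"action\" value=\"d\">"._DEACTIVATE."</option>"
		."<option name=\"action\" value=\"r\">"._DELETE."</option></select></td></tr>"
		."<tr><td>"._REFRESHTIME.":</td><td><select name=\"refresh\">"
		."<option name=\"refresh\" value=\"1800\">1/2 "._HOUR."</option>"
		."<option name=\"refresh\" value=\"3600\" selected>1 "._HOUR."</option>"
		."<option name=\"refresh\" value=\"18000\">5 "._HOURS."</option>"
		."<option name=\"refresh\" value=\"36000\">10 "._HOURS."</option>"
		."<option name=\"refresh\" value=\"86400\">24 "._HOURS."</option></select>&nbsp;<font class=\"tiny\">"._ONLYHEADLINES."</font></td></tr>"
		."<tr><td>"._VIEWPRIV."</td><td><select name=\"view\">"
		."<option value=\"0\" >"._MVALL."</option>"
		."<option value=\"1\" >"._MVUSERS."</option>"
		."<option value=\"2\" >"._MVADMIN."</option>"
		."<option value=\"3\" >"._MVANON."</option>"
		."</select></td></tr><tr><td nowrap>"
		.""._SUBVISIBLE."</td><td><input type=\"radio\" name=\"subscription\" value=\"0\" checked>"._YES." &nbsp;&nbsp;<input type=\"radio\" name=\"subscription\" value=\"1\">"._NO.""
		."</td></tr></table><br><br>"
		."<input type=\"hidden\" name=\"op\" value=\"ajaxBlocksAdd\">"
		."<input type=\"submit\" value=\""._CREATEBLOCK."\"></form>";
		CloseTable();

		if ($StandAlone > 0){
		// Close the wrapper table opened above; a second <TABLE> used to be opened
		// here instead, leaving the markup unbalanced.
		echo "</TD>
		</TR>
		</TBODY>
		</TABLE></center>";
		}

	}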
	
?>